Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
File: AS396998.roa (raw, json)
Hash identifier: hdnfxNWo7wC9lxp+BUDNb2BYBes0WG9TLesytfW/pu0=
Subject key identifier: 72:20:56:3A:6A:4B:37:F0:E7:0F:B4:DD:09:02:A3:1A:D7:1E:3A:80
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7E5076CF62203C7E85A50EB96C3B15944E90E873
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
Signing time: Sat 19 Oct 2024 08:21:04 +0000
ROA not before: Sat 19 Oct 2024 08:16:04 +0000
ROA not after: Sat 18 Oct 2025 08:21:04 +0000
asID: 396998
IP address blocks: 141.11.196.0/22 maxlen: 24
141.11.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:50:76:cf:62:20:3c:7e:85:a5:0e:b9:6c:3b:15:94:4e:90:e8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 19 08:16:04 2024 GMT
Not After : Oct 18 08:21:04 2025 GMT
Subject: CN=7220563A6A4B37F0E70FB4DD0902A31AD71E3A80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f1:49:e1:4d:64:c1:a6:d9:4a:33:2e:ee:13:
a3:17:4b:d9:eb:30:4e:c9:1a:79:37:1c:1f:3e:37:
b0:0f:1e:95:e9:c0:c2:9a:3e:60:30:5e:0b:d3:fc:
82:29:85:43:61:49:0c:a6:d8:8a:a2:5a:fc:61:cd:
84:18:8d:29:b4:4a:64:e4:c2:d7:56:50:38:f6:2d:
3d:e4:41:c6:14:af:62:fb:d8:0c:98:a2:49:92:7a:
c8:40:98:6d:0f:98:d9:36:3c:6b:3e:c0:cd:ad:9a:
05:2c:bd:3e:e9:75:89:a3:e9:b2:09:bd:19:c9:1a:
c6:66:7a:c8:e1:7b:8f:6c:3d:6f:ed:e5:54:d9:d5:
2c:fb:71:36:f3:ba:ee:54:9e:62:ad:28:57:e7:6c:
12:6f:d8:46:bc:4a:ec:88:26:76:b7:1d:92:b8:b5:
40:f6:42:1a:a2:72:2a:1d:12:5f:94:02:0f:a8:4a:
9f:2a:bc:1c:ab:91:8b:fa:2f:65:ce:e6:6e:cf:39:
b9:69:58:41:c1:66:a6:7a:44:38:3e:51:7e:a0:70:
97:47:d1:c4:ba:57:af:99:18:54:ce:76:92:f7:18:
b4:5e:79:35:8d:0c:ac:70:c1:24:e7:38:96:19:4e:
1d:e3:c7:ec:26:f7:24:54:bc:4a:6d:c4:e4:aa:f8:
a1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:20:56:3A:6A:4B:37:F0:E7:0F:B4:DD:09:02:A3:1A:D7:1E:3A:80
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.196.0/22
141.11.230.0/23
Signature Algorithm: sha256WithRSAEncryption
90:7f:78:24:3c:06:f5:b8:f4:90:ac:24:45:7d:23:0e:f6:1e:
50:62:bd:93:c5:40:46:c2:c6:0c:c3:c1:3c:6d:34:c1:61:45:
be:b3:17:2a:2d:71:96:59:b3:74:c7:6b:1d:23:68:85:96:6f:
a0:e2:7d:e7:cf:d7:18:ec:57:37:8f:c3:4c:5b:64:49:a8:b1:
be:d1:2a:d7:aa:0b:fc:ce:00:9e:91:48:e8:bb:b8:00:d2:2c:
ab:5c:df:08:92:a9:cf:4a:13:85:e6:5e:b6:cb:67:40:05:2b:
c8:60:c2:a9:2d:89:fb:83:9c:9b:ff:95:0b:29:4a:8b:1b:c3:
7e:9b:4f:80:92:0b:44:08:09:0d:72:db:e6:73:c7:60:85:09:
6c:6e:85:71:b8:e4:70:bb:57:69:46:7e:05:f7:40:14:4f:b4:
c3:50:12:6c:d7:9d:a2:3c:04:a0:0f:1a:6b:47:0f:fe:88:f8:
a7:d7:ec:c3:97:7c:5b:a6:b1:65:99:91:b7:f5:69:05:ff:c6:
62:ac:6d:1f:ef:83:61:ad:73:dc:8b:37:bf:8e:f0:df:05:e6:
f0:4c:34:83:64:9a:7e:d3:03:7f:61:64:b3:8b:a5:3c:83:22:
ba:f8:71:a4:b4:57:10:af:cb:c0:28:f2:70:c0:e2:4a:02:e1:
7a:0b:4f:60
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUflB2z2IgPH6FpQ65bDsVlE6Q6HMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMTkwODE2MDRaFw0yNTEwMTgwODIxMDRaMDMxMTAvBgNV
BAMTKDcyMjA1NjNBNkE0QjM3RjBFNzBGQjRERDA5MDJBMzFBRDcxRTNBODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC58UnhTWTBptlKMy7uE6MXS9nr
ME7JGnk3HB8+N7APHpXpwMKaPmAwXgvT/IIphUNhSQym2IqiWvxhzYQYjSm0SmTk
wtdWUDj2LT3kQcYUr2L72AyYokmSeshAmG0PmNk2PGs+wM2tmgUsvT7pdYmj6bIJ
vRnJGsZmesjhe49sPW/t5VTZ1Sz7cTbzuu5UnmKtKFfnbBJv2Ea8SuyIJna3HZK4
tUD2QhqiciodEl+UAg+oSp8qvByrkYv6L2XO5m7POblpWEHBZqZ6RDg+UX6gcJdH
0cS6V6+ZGFTOdpL3GLReeTWNDKxwwSTnOJYZTh3jx+wm9yRUvEptxOSq+KE9AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUciBWOmpLN/DnD7TdCQKjGtceOoAwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk2OTk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCjQvE
AwQBjQvmMA0GCSqGSIb3DQEBCwUAA4IBAQCQf3gkPAb1uPSQrCRFfSMO9h5QYr2T
xUBGwsYMw8E8bTTBYUW+sxcqLXGWWbN0x2sdI2iFlm+g4n3nz9cY7Fc3j8NMW2RJ
qLG+0SrXqgv8zgCekUjou7gA0iyrXN8IkqnPShOF5l62y2dABSvIYMKpLYn7g5yb
/5ULKUqLG8N+m0+AkgtECAkNctvmc8dghQlsboVxuORwu1dpRn4F90AUT7TDUBJs
152iPASgDxprRw/+iPin1+zDl3xbprFlmZG39WkF/8ZirG0f74NhrXPcize/jvDf
BebwTDSDZJp+0wN/YWSzi6U8gyK6+HGktFcQr8vAKPJwwOJKAuF6C09g
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:07 2024 by rpki-client on console-fra.rpki-client.org